by Mike Zusman | May 13, 2020 | Cloud, Digital Transformation, Featured, News
Application Security, or AppSec, is a race between your business and bad actors. Whether you realize it or not, people and bots are constantly attacking and probing your Internet-facing and cloud hosted applications. In fact, it’s not uncommon to hear of...
by Brad Dixon | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News
Zoom has had a tough week. While usage has been setting new records they have had to cope with a slew of security gaffes that have received lots of media attention. Concern over some of these issues is justified. However, Zoom seems to be getting more than its fair...
by Mike Zusman | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News, Strategy
Hiring your first appsec engineer is a high-risk endeavor. Many organizations reach the conclusion they need to hire an appsec engineer after accumulating years – if not decades – of application security debt. Hiring an appsec engineer can be a long...
by Meador Inge | Feb 18, 2020 | Cloud, Featured, News, Techniques, Tools, Web
Introduction At Carve we perform at a lot of web application security assessments. Once we (1) find a vulnerability, we (2) confirm that it’s reproducible, write a proof of concept (PoC) exploit for the vulnerability to determine the impact, and then (3) focus...
by Ángel Suárez-Bárcena Martín | Jan 23, 2020 | AWS, Cloud, News, Techniques
Security is often a big concern when it comes to cloud computing. According to the Cloud Security Alliance (CSA), traditional security issues under the responsibility of cloud service providers (CSPs) are now less frequent, in contrast with those related to design,...
by Danny Rosseau | May 6, 2019 | Cloud, Tools
By Danny Rosseau Cloud providers have a wide variety of different predesigned service offerings, but they’re intended to be created and used quickly and easily, sometimes to the detriment of having secure configurations by default. It can be confusing for...
